5 matches found
CVE-2026-28732
Mattermost fixes are for versions 11.5.x (up to 11.5.1), 10.11.x (up to 10.11.13), and 11.4.x (up to 11.4.3). The issue is a failure to enforce slash command trigger-word uniqueness during command updates, allowing an authenticated team member with Manage Own Slash Commands permission to hijack o...
CVE-2024-11166 Traffic Alert and Collision Avoidance System (TCAS) II has an External Control of System or Configuration Setting vulnerability
For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control SLC to the lowest setting and disable the Resolution Advisory RA, leading to a...
CVE-2024-38315 IBM Aspera Shares session fixation
IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system...
Docker Elevation of Privilege Vulnerability
Docker is an open source application container engine from the American company Docker. The product supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrading of applications...
CVE-2019-3629
Application protection bypass vulnerability in McAfee Enterprise Security Manager ESM prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters...